X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FPkiUtils.java;h=dbd0456654d6e7f70c6eab431ecaa0bbff24f9f1;hb=4835aba6de0e6e2f7ef2da9e3bd19adca661c8bc;hp=67f8f01c65ee8ca5a62bb236ef046e7a3f7bc57d;hpb=b4c772a263e0f19f6c283dbbb87d04794072b284;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/PkiUtils.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/PkiUtils.java index 67f8f01c6..dbd045665 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/PkiUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/PkiUtils.java @@ -15,7 +15,7 @@ import java.util.Date; import javax.security.auth.x500.X500Principal; -import org.argeo.ArgeoException; +import org.argeo.cms.CmsException; import org.bouncycastle.cert.X509v3CertificateBuilder; import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; @@ -41,7 +41,7 @@ class PkiUtils { kpGen.initialize(keySize, new SecureRandom()); KeyPair pair = kpGen.generateKeyPair(); Date notBefore = new Date(System.currentTimeMillis() - 10000); - Date notAfter = new Date(System.currentTimeMillis() + 24L * 3600 * 1000); + Date notAfter = new Date(System.currentTimeMillis() + 365 * 24L * 3600 * 1000); BigInteger serial = BigInteger.valueOf(System.currentTimeMillis()); X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(x500Principal, serial, notBefore, notAfter, x500Principal, pair.getPublic()); 
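Review bot: The new `notAfter` line hard-codes a 365-day lifetime for a self-signed certificate, and since a self-signed certificate has no revocation path, that lifetime is the only bound on how long a leaked private key stays usable. Consider naming the value and stating the renewal expectation, e.g. `private static final long CERT_VALIDITY_MS = 365 * 24L * 3600 * 1000; // self-signed, no revocation: regenerate before expiry`, or taking the validity as a parameter next to `keySize`. The unchanged context line `BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());` gives a predictable serial that can repeat for two certificates generated in the same millisecond; `new BigInteger(64, new SecureRandom())` would avoid both. The method starts before this hunk and continues past it.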
@@ -55,13 +55,13 @@ class PkiUtils { keyStore.setKeyEntry(x500Principal.getName(), pair.getPrivate(), keyPassword, new Certificate[] { cert }); return cert; } catch (Exception e) { - throw new ArgeoException("Cannot generate self-signed certificate", e); + throw new CmsException("Cannot generate self-signed certificate", e); } } public static KeyStore getKeyStore(File keyStoreFile, char[] keyStorePassword) { try { - KeyStore store = KeyStore.getInstance("PKCS12", SECURITY_PROVIDER); + KeyStore store = KeyStore.getInstance("JKS", SECURITY_PROVIDER); if (keyStoreFile.exists()) { try (FileInputStream fis = new FileInputStream(keyStoreFile)) { store.load(fis, keyStorePassword); @@ -71,7 +71,7 @@ class PkiUtils { } return store; } catch (Exception e) { - throw new ArgeoException("Cannot load keystore " + keyStoreFile, e); + throw new CmsException("Cannot load keystore " + keyStoreFile, e); } } @@ -81,7 +81,7 @@ class PkiUtils { keyStore.store(fis, keyStorePassword); } } catch (Exception e) { - throw new ArgeoException("Cannot save keystore " + keyStoreFile, e); + throw new CmsException("Cannot save keystore " + keyStoreFile, e); } } 
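Review bot: In `getKeyStore`, changing the keystore type from `"PKCS12"` to `"JKS"` is a step back for the private keys this class stores, because JKS is a legacy proprietary format with weaker key protection than PKCS12, which has been the JDK default since Java 9. Two things are not visible here and should be confirmed: that the provider named by `SECURITY_PROVIDER` actually implements a `JKS` keystore (otherwise `getInstance` throws and every call ends in the `CmsException`), and that keystore files already written as PKCS12 still load, since `store.load` may reject them under the other type. If JKS is needed for compatibility, record the reason with a comment such as `// JKS required by <consumer>; PKCS12 preferred otherwise`; if not, keep `KeyStore.getInstance("PKCS12", SECURITY_PROVIDER)`. The hunk opens inside the certificate-generation method, whose beginning is outside it.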
@@ -92,67 +92,71 @@ class PkiUtils { long begin = System.currentTimeMillis(); for (int i = 512; i < 1024; i = i + 2) { try { - KeyPairGenerator keyGen = KeyPairGenerator.getInstance(ALGORITHM,provider); + KeyPairGenerator keyGen = KeyPairGenerator.getInstance(ALGORITHM, provider); keyGen.initialize(i, secureRandom); keyGen.generateKeyPair(); } catch (Exception e) { System.err.println(i + " : " + e.getMessage()); } } - System.out.println( (System.currentTimeMillis() - begin) + " ms"); + System.out.println((System.currentTimeMillis() - begin) + " ms"); -// // String text = "a"; -// String text = "testtesttesttesttesttesttesttesttesttesttesttesttesttesttest"; -// try { -// System.out.println(text); -// PrivateKey privateKey; -// PublicKey publicKey; -// char[] password = "changeit".toCharArray(); -// String alias = "CN=test"; -// KeyStore keyStore = KeyStore.getInstance("pkcs12"); -// File p12file = new File("test.p12"); -// p12file.delete(); -// if (!p12file.exists()) { -// keyStore.load(null); -// generateSelfSignedCertificate(keyStore, new X500Principal(alias), 513, password); -// try (OutputStream out = new FileOutputStream(p12file)) { -// keyStore.store(out, password); -// } -// } -// try (InputStream in = new FileInputStream(p12file)) { -// keyStore.load(in, password); -// privateKey = (PrivateKey) keyStore.getKey(alias, password); -// publicKey = keyStore.getCertificateChain(alias)[0].getPublicKey(); -// } -// // KeyPair key; -// // final KeyPairGenerator keyGen = -// // KeyPairGenerator.getInstance(ALGORITHM); -// // keyGen.initialize(4096, new SecureRandom()); -// // long begin = System.currentTimeMillis(); -// // key = keyGen.generateKeyPair(); -// // System.out.println((System.currentTimeMillis() - begin) + " ms"); -// // keyStore.load(null); -// // keyStore.setKeyEntry("test", key.getPrivate(), password, null); -// // try(OutputStream out=new FileOutputStream(p12file)) { -// // keyStore.store(out, password); -// // } -// // privateKey = key.getPrivate(); 
-// // publicKey = key.getPublic(); -// -// Cipher encrypt = Cipher.getInstance(ALGORITHM); -// encrypt.init(Cipher.ENCRYPT_MODE, publicKey); -// byte[] encrypted = encrypt.doFinal(text.getBytes()); -// String encryptedBase64 = Base64.getEncoder().encodeToString(encrypted); -// System.out.println(encryptedBase64); -// byte[] encryptedFromBase64 = Base64.getDecoder().decode(encryptedBase64); -// -// Cipher decrypt = Cipher.getInstance(ALGORITHM); -// decrypt.init(Cipher.DECRYPT_MODE, privateKey); -// byte[] decrypted = decrypt.doFinal(encryptedFromBase64); -// System.out.println(new String(decrypted)); -// } catch (Exception e) { -// e.printStackTrace(); -// } + // // String text = "a"; + // String text = + // "testtesttesttesttesttesttesttesttesttesttesttesttesttesttest"; + // try { + // System.out.println(text); + // PrivateKey privateKey; + // PublicKey publicKey; + // char[] password = "changeit".toCharArray(); + // String alias = "CN=test"; + // KeyStore keyStore = KeyStore.getInstance("pkcs12"); + // File p12file = new File("test.p12"); + // p12file.delete(); + // if (!p12file.exists()) { + // keyStore.load(null); + // generateSelfSignedCertificate(keyStore, new X500Principal(alias), + // 513, password); + // try (OutputStream out = new FileOutputStream(p12file)) { + // keyStore.store(out, password); + // } + // } + // try (InputStream in = new FileInputStream(p12file)) { + // keyStore.load(in, password); + // privateKey = (PrivateKey) keyStore.getKey(alias, password); + // publicKey = keyStore.getCertificateChain(alias)[0].getPublicKey(); + // } + // // KeyPair key; + // // final KeyPairGenerator keyGen = + // // KeyPairGenerator.getInstance(ALGORITHM); + // // keyGen.initialize(4096, new SecureRandom()); + // // long begin = System.currentTimeMillis(); + // // key = keyGen.generateKeyPair(); + // // System.out.println((System.currentTimeMillis() - begin) + " ms"); + // // keyStore.load(null); + // // keyStore.setKeyEntry("test", key.getPrivate(), password, 
null); + // // try(OutputStream out=new FileOutputStream(p12file)) { + // // keyStore.store(out, password); + // // } + // // privateKey = key.getPrivate(); + // // publicKey = key.getPublic(); + // + // Cipher encrypt = Cipher.getInstance(ALGORITHM); + // encrypt.init(Cipher.ENCRYPT_MODE, publicKey); + // byte[] encrypted = encrypt.doFinal(text.getBytes()); + // String encryptedBase64 = + // Base64.getEncoder().encodeToString(encrypted); + // System.out.println(encryptedBase64); + // byte[] encryptedFromBase64 = + // Base64.getDecoder().decode(encryptedBase64); + // + // Cipher decrypt = Cipher.getInstance(ALGORITHM); + // decrypt.init(Cipher.DECRYPT_MODE, privateKey); + // byte[] decrypted = decrypt.doFinal(encryptedFromBase64); + // System.out.println(new String(decrypted)); + // } catch (Exception e) { + // e.printStackTrace(); + // } }